Google Claims that Data Stored Overseas cannot be Subpoenaed by US Law Enforcement

Google and the U.S. Justice Department are clashing in
courtrooms across the country over the government’s power to compel the company
to turn over emails and other personal data sought in criminal probes.

The tensions deepened after a landmark court ruling last
year declaring private online communications stored overseas off-limits to
prosecutors—even if there is probable cause to suspect the data contains
evidence of a crime.

Law-enforcement authorities send Google thousands of
requests a year for user data in probes ranging from investigations of human
trafficking and child pornography to terrorism and white-collar cases. Google’s
“legal investigations support” team is responsible for finding and disclosing
matching records, often taking weeks to complete a single request, according to
the company.

Until a few months ago, Google turned over data demanded
in warrants regardless of where content was stored to comply with a 1986
federal statute that created safeguards over electronic communications and
established disclosure procedures.

Google, a unit of Alphabet Inc., changed its policy last
year when a New York federal appeals court became the highest judicial body to
rule that data on foreign servers is beyond the reach of warrants.

That case was brought by Microsoft Corp., which sought to
quash a search warrant in a drug-trafficking probe seeking data in Ireland.

Within hours after the ruling by the Second U.S. Circuit
Court of Appeals, Google halted the processing of all search warrants.
Coordinating with hundreds of employees, the company quickly developed tools to
identify and filter out data stored overseas, Google said in court documents.

Weeks later in August, Google lifted the moratorium. But
it no longer discloses emails, videos, photos and other data that it believes
are stored overseas. The company has the support of other technology companies,
including Microsoft, Yahoo Inc., Apple Inc. and Amazon.com Inc.

Google’s tighter lid on data has angered federal
prosecutors, who say the tech company is impeding investigations.

In at least one case, involving a warrant in a wire-fraud
probe, the government has asked a court to hold Google in contempt. In January,
prosecutors told a U.S. magistrate judge in San Francisco that the company had
wrongly withheld “volumes of data” and has “frustrated ongoing efforts to locate
the perpetrators.”

Google, in turn, asked the judge to quash the warrant and
possibly “investigate the government’s conduct” in the dispute, saying it’s
sought “diligently and in good faith” to comply with its obligations.

The law in question is the Stored Communications Act, a
pre-internet age statute authorizing the government to compel the disclosure of
electronic records with a judge-approved warrant based on probable cause.

It is a fight Google says it tried to avoid. Court papers
describe failed attempts at “constructive dialogue” with the Justice
Department.

In the wire-fraud case in San Francisco, Google said in
court papers that its data-location tools enabled it to disclose more emails it
could now confirm were domestically stored. Prosecutors say Google is still
holding back email attachments, calendar data and photos that could be
important evidence. There hasn’t been any ruling in this case yet.

The fight in some ways echoes Apple’s confrontation with
the Justice Department last year over whether the company could be forced to
unlock a terrorist’s iPhone. The standoff ended after the government said it
bought a phone-hacking tool to crack the device without Apple’s help.

While both disputes are examples of a major tech company
throwing down the gauntlet to prosecutors, the privacy concerns in Google’s
legal fight are more opaque, according to American University law professor
Jennifer Daskal, who specializes in national-security law.

Google has likened the government’s demands to requiring
a U.S.-based hotel chain to hand over a customer’s suitcase located in a
foreign hotel.

But Google’s customers don’t know where their data is
stored, as a federal magistrate judge in Philadelphia observed. Data is
dispersed across data centers. An email with an attachment can be located in
the country and abroad simultaneously. That’s because, as Google’s lawyers said
in court documents, a file can be split into “smaller chunks” and stored in
separate servers.

Lawyers for Google and other tech companies say it isn’t
just customer privacy at issue. Turning over foreign data risks an intrusion
upon foreign sovereignty that could provoke countermeasures, they have argued.

In a brief supporting Google’s position, Microsoft and Apple
said the government’s position “invites foreign nations to reciprocate by
likewise demanding that local offices of U.S. technology companies turn over
U.S. citizens’ private communications stored on U.S. soil.”

The Justice Department, for its part, says Congress never
intended to create such an investigative impediment. “Because Google’s data
moves across its global network automatically and does not persist in any one
geographic location,” the government told a Wisconsin federal court in March,
“the Microsoft decision renders such data inaccessible.”

Since the Second Circuit’s Microsoft decision, at least
two lower federal courts in other jurisdictions—Philadelphia and Milwaukee—have
disagreed with the holding. Judges there said requiring Google to produce data
stored abroad was lawful because the collecting and searching of the records
occurred in the U.S. Google has urged those judges to reconsider.

Google says it agrees with the Second Circuit’s
interpretation of the law. But as a matter of policy, it doesn’t think the
legal standard should be based on where data is stored, but rather on user
location. “Only Congress can create a new and lasting framework for this
process,” said a Google spokesman.

“Absent congressional involvement...I see this issue
percolating up to the Supreme Court,” Ms. Daskal said.

Comments

Post a Comment

Popular posts from this blog

How Facebook Outs Sex Workers
By Kashmir Hill Yesterday 2:20pm
Leila has two identities, but Facebook is only supposed
to know about one of them.
Leila is a sex worker. She goes to great lengths to keep
separate identities for ordinary life and for sex work, to avoid stigma,
arrest, professional blowback, or clients who might be stalkers (or worse).
Her “real identity”—the public one, who lives in
California, uses an academic email address, and posts about politics—joined
Facebook in 2011. Her sex-work identity is not on the social network at all;
for it, she uses a different email address, a different phone number, and a
different name. Yet earlier this year, looking at Facebook’s “People You May
Know” recommendations, Leila (a name I’m using using in place of either of the
names she uses) was shocked to see some of her regular sex-work clients.
Despite the fact that she’d only given Facebook
information from her vanilla identity, the company had somehow discerned her
real-world con…

The 15 Most Influential Websites of All TimeAlex Fitzpatrick,Lisa Eadicicco,Matt Peckham Updated:
Oct 20, 2017 10:55 AM ET | Originally published: Oct 18, 2017 The
web, or "world wide web" as we used to say, turns 27 years old on
December 20. On that date, nearly three decades ago, British engineer and
scientist Tim Berners-Lee launched the world's first website, running on a NeXT
computer at CERN (the European Organization for Nuclear
Research) in Switzerland.

The website wasn't much at the time, just a few sentences
organized into topic areas that laid out the arguments for the concept. But it
established vital first principles still essential to the web as it exists
today: the notion of hyperlinks that reimagined documents (and eventually any
form of media) as nonlinear texts, and the ability for anyone, anywhere in the
world, to peruse that content by way of a browser: a piece of software that
cohered to universal formatting standards. It's been a wild ride since…

British supermarket offers 'finger vein' payment in
worldwide first
By Katie Morley, consumer affairs editor 20 SEPTEMBER
2017 • 1:04AM
A UK supermarket has become the first in the world to let
shoppers pay for groceries using just the veins in their fingertips.
Customers at the Costcutter store, at Brunel University
in London, can now pay using their unique vein pattern to identify themselves.
The firm behind the technology, Sthaler, has said it is
in "serious talks" with other major UK supermarkets to adopt hi-tech
finger vein scanners at pay points across thousands of stores.
It works by using infrared to scan people's finger veins
and then links this unique biometric map to their bank cards. Customers’ bank
details are then stored with payment provider Worldpay, in the same way you can
store your card details when shopping online. Shoppers can then turn up to the
supermarket with nothing on them but their own hands and use it to make
payments in just three …